Archive for May, 2011

Anytime you log into an account on a website you’re providing proof that you are who you say you are by passing an authentication test. Most websites rely on only one method to confirm a user’s identity via a username or email address and password. Websites with a need for stronger security such as banking sites, and now the Nextpoint web applications, require you pass a more rigorous confirmation process.

Two Factor Authentication increases security by using two identification classes to determine that you are who you say you are. The first identification test we use is something you know: your password. We haven’t changed anything about our initial login process, you’ll still need to enter your email or user name and password.

If you pass the first authentication test and we recognize the device you’re connecting with, your login is complete. However, if you pass the first test and you haven’t authorized your computer you’ll be directed to a device verification page.

Here you’ll have to complete our second step in the authentication process. You’ll need to use something you have: access to your email account. When we don’t recognize your device, you are automatically sent an email containing a time sensitive PIN which you’ll use to complete authentication and authorize your device.

The PIN in the email expires shortly after it’s been sent, so make sure you use it in a timely fashion. If you don’t enter the PIN within the time constraints, you can always request a new one from the device verification page. An added benefit of the automated new device email is that you’ll know right away if your account has been compromised.

If you’re an existing user, we’re providing a quick and easy way to postpone activating this new feature, just click on the ‘postpone until later’ link on the device activation screen and ignore the Device Activation email in your inbox. You’ll push back activating two factor authentication, and will continue logging in just like you’re used to. You’ll be presented with the New Device Verification page again in two weeks. Once you activate one device, two factor authentication will automatically be enabled for your account. Users created after May 26, 2011 will not be able to defer this feature.

We’re also providing you with a history of your most recent logins, where you’ll be able to see data about your login and which devices you’ve logged in with.

Why are we doing this? We want to make sure that your data is secure even if someone steals your password. Two factor authorization is an extra step for you to log in, but it’s a much bigger obstacle for someone to maliciously access your data.

Twitter recently announced they will be changing the default permissions third-party applications — like CloudPreservation — receive when a user authenticates them. Starting on June 14th, applications will have to explicitly request access to a user’s Direct Messages, a permission that had been granted automatically up to this point.

In the end, this is a good thing in that it gives users better insight and control into exactly what a third-party application will be able to see and do with their account, and giving users control over their data through transparency is never a bad thing. It does, however, mean that everyone who has already granted CloudPreservation permission to preserve their Twitter feeds will have to reauthorize us so that we can continue to track and store their Direct Messages.

No problem. Within the next few days, if you’re one of our current CloudPreservation customers with an active Twitter account, you’ll receive an email from us asking you to click a link to reauthorize CloudPreservation. You’ll actually be performing the same process as when you authorized us the first time. Just click the link in the email, log in to Twitter, choose “Authorize App,” and voila — we’ll be able to preserve your Direct Messages for well into the future.

The volume of data involved in the e-discovery process is imposing. Removing exact duplicates prior to review is the most powerful and sensible way to eliminate obviously redundant data. This reduces not only the overall data volume, but also ensures data only needs to be reviewed once.

In the latest enhancement to the Nextpoint product lineup, including Cloud Preservation, Discovery Cloud, and Trial Cloud, automatic “deduplication” is built in — allowing users to eliminate duplicative data simply and easily via a user friendly interface. This is a huge efficiency improvement, reducing the time and cost of e-discovery and we are excited to bring this innovation to our customers.

The 2 phased Deduplication process.

1. Preventing duplicate uploads.

As an initial step, uploaded files (zip, pst, loose file, etc) are compared to all previous uploads. If the upload is an exact duplicate of a previous upload, the application will request confirmation you would like the duplicative files to be loaded. Frequently, this step alone can prevent large numbers of duplicate documents.

Often times the same file (an email, document, etc) has been collected from multiple sources. When this occurs, the upload will slip by Phase 1 because the container (zip/pst/etc) was physically different than anything previously uploaded. This is by far the most common cause of duplicate documents.

Individual checks occur on files contained inside of the high-level container to search for an exact match*. When an exact match is caught, introduction of the duplicative data is prevented, instead linking to the pre-existing copy of the document. The pre-existing document will now indicate that it was loaded both in Batch 1 and Batch 2. Additionally fields such as location URI and custodian will be merged.

* Metadata from a load file and/or changes made via the web application after the previous load completed (designating, reviewing, changing shortcuts, etc) will be taken into consideration when making the “exact match” determination. By default, a file hash is employed to identify candidates for “exact matches” – optionally, this can be expanded to include documents that may have a different file hash but share an Email-Message-ID.

Understanding what has been deduplicated.

The batch details screen (choose “Import/Export” from the menu bar in Discovery Cloud or “More” -> “Imports” in Trial Cloud) has been enhanced to provide information on how much and what has been deduplicated.

The main section provides verbose lists of Actions, Errors, and Skipped Rows that occurred during processing. It also provides abbreviated lists of new and duplicate documents encountered during processing, with links to quickly view the full set(s) via our normal search/filter interface.

The Batch Summary section (located in the sidebar) has been enhanced to provide information about the uploaded file, the results and status of processing, links to resulting documents, and the ability to reprocess the originally uploaded file completely.

Handling the duplicates that make it through.

The “same file” can make it into the system through a few different channels.

A user deliberately disabled deduplication during an upload or selected the “reprocess file” option on an entire batch.

The same document was attached to multiple emails. The meaning of a document can vary wildly based on it’s context, thus we consider an email and it’s attachment(s) as a single unit during the deduplication process.

The “same file” by content hash will be allowed into the system if the associated meta is different. This could happen due to differences specified in load files, changes made to meta in the system following uploads, etc.

In all of these situations, we display related files in the sidebar (of Discovery Cloud) to allow the human reviewer to determine whether associated meta does or does not warrant further deduplication.

Customization & Disabling Deduplication

Deduplication can be disabled on any individual upload/reprocessing request. It can be disabled at the instance level via “Settings” => “General Settings” => “Deduplication”. The settings section also provides the ability to use Email-Message-ID in the “exact match” determination.

When will it be available?

This functionality is available immediately in both Discovery and Trial Clouds.

As always, custom support options are available on request to address unique deduplication needs. We’re excited for these new improvement and the positive impact they’ll have for our customers going forward.